SF Realty Website Policies
Privacy Policy
SF Realty ("SF Realty," "we," "us," or "our") provides remote asset monitoring, satellite and aerial imagery analysis, site and route visibility, risk-focused reporting, and decision-support services. We are committed to protecting the privacy of the personal information we collect, use, disclose, retain, and safeguard in connection with our website at sfrealty.ca (the "Website") and the services we provide.
This Policy is intended to meet our obligations under Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and other applicable privacy laws. It works together with our Terms of Service, our Cookie Usage Policy, and—for engaged clients—our Client Confidentiality Agreement and any applicable statement of work or written agreement.
1. What Is Personal Information?
"Personal Information" means information about an identifiable individual. Examples include a person's name, business or personal email address, phone number, and, where an individual is identifiable, information contained in imagery or monitoring data. Business contact information used solely to communicate with a person in their business capacity may be treated differently under applicable law.
2. Information We Collect
We collect only the information reasonably needed for the purposes identified at or before the time of collection, or as otherwise permitted or required by law.
Client and Business-Contact Data. Names, roles, organization details, business email addresses, phone numbers, billing and account information, and the contents of communications for the individuals and organizations that request, authorize, or receive our services.
Website and Inquiry Data. Information you provide through website forms, email, or messages, such as your name, contact details, the nature of your inquiry, and any details you choose to provide.
Imagery and Monitoring Data. Satellite imagery, aerial or authorized drone imagery, maps, and related materials collected or licensed within an authorized engagement scope. This material is collected to provide asset-, site-, and route-focused monitoring and is directed at assets and operational conditions, not at private individuals. Imagery may nonetheless incidentally capture individuals, vehicles, or property that could be identifiable. We handle any such information in accordance with this Policy, our Client Confidentiality Agreement, and Section 8 below.
Technical Data. IP address, browser and device information, pages visited, time spent on the Website, referral source, and cookie identifiers, used to operate and secure the Website and improve the user experience.
3. How We Collect Information
We collect information directly from you through website forms, email, phone, meetings, documents, and other communications. We also obtain imagery and related data from third-party satellite and aerial imagery providers and other licensed data sources, and we generate analysis, reports, and deliverables within the authorized scope of an engagement. We may receive information from your authorized representatives, service providers, and other parties where permitted by law or with appropriate authority.
4. Consent
We seek consent for the collection, use, and disclosure of personal information except where the law permits or requires otherwise. Consent may be express, such as when you submit a form or sign a document, or implied where the purpose is obvious and you voluntarily provide the information.
Where we collect imagery within a client engagement, we rely on the client's authorization and confirmation that the client holds the necessary rights and authority for the requested monitoring scope, as set out in the Client Confidentiality Agreement and applicable engagement terms.
You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. Withdrawing consent may limit our ability to respond to inquiries or provide services.
5. How We Use Personal Information
- To respond to inquiries, consultation requests, and other service requests.
- To plan, perform, verify, report, manage, support, and conclude monitoring, imagery, and decision-support services.
- To prepare and deliver reports, imagery, maps, risk notes, timelines, and executive briefings to authorized client contacts.
- To manage client relationships, accounts, billing, and records.
- To operate, secure, troubleshoot, and improve the website and our systems.
- To comply with applicable legal, regulatory, and record-keeping obligations and to respond to lawful requests.
- To send service updates or, where consent exists or is otherwise permitted by law, marketing communications.
6. Disclosure of Personal Information
We do not sell, rent, or trade personal information. We may disclose personal information only as reasonably necessary for identified purposes, with consent, or as permitted or required by law. Recipients may include:
- SF Realty personnel, contractors, and advisors who need the information for the authorized purpose.
- Service providers and vendors who support our services, including satellite and aerial imagery providers, mapping and technology vendors, hosting and cloud-storage providers, analytics providers, communications providers, and professional advisors.
- Authorized client contacts and representatives designated by the client.
- Regulators, courts, government authorities, or law enforcement where required or permitted by law.
Deliverables and engagement materials are shared only with authorized client contacts unless another disclosure is permitted under the Client Confidentiality Agreement or required by law.
7. Commercial Electronic Messages
Where we send commercial electronic messages, we do so in accordance with Canada's Anti-Spam Legislation (CASL). Marketing messages will identify the sender and provide a way to unsubscribe. You can withdraw consent to marketing communications at any time by using the unsubscribe mechanism or contacting us.
8. Imagery and Individual Privacy
Our monitoring services are designed for legitimate asset visibility, operational awareness, and decision-support, and are directed at assets, sites, routes, and visible operational conditions rather than at private individuals. We do not provide unauthorized surveillance, personal tracking, or collection outside an agreed and authorized scope.
Where imagery may incidentally capture identifiable individuals, we apply reasonable measures to limit collection to what is necessary for the authorized purpose, to restrict access, and to avoid using such information for any purpose unrelated to the engagement. Drone-based collection, where used, is conducted only where legally permitted and in compliance with applicable airspace, privacy, and safety requirements, including the requirements administered by Transport Canada.
10. Safeguards and Security
We use reasonable physical, organizational, contractual, and technological safeguards appropriate to the sensitivity of the information, such as access controls, restricted project access, secure storage practices, and service-provider controls. No website, email, or transmission method can be guaranteed to be completely secure.
11. Retention
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, to provide and support services, to maintain business records, and to comply with legal, regulatory, and reporting requirements. Imagery and deliverables are retained for the duration of the engagement and for any additional period specified in an applicable written agreement or required by law. When information is no longer required, we will securely delete, anonymize, or destroy it in accordance with our retention practices.
12. Storage and Cross-Border Processing
Personal information and imagery data may be stored or processed in Canada or in other jurisdictions where our service providers operate. In those cases, information may be subject to the laws of that jurisdiction, including lawful access by courts, government, or law-enforcement authorities. We use contractual and other reasonable measures to require service providers to protect personal information in a manner consistent with this Policy.
13. Access, Correction, and Your Rights
You may request access to personal information we hold about you, ask for corrections, withdraw consent, or ask questions about our privacy practices. We may need to verify your identity before responding and may refuse access where permitted or required by law, including where information relates to another party, is subject to confidentiality obligations, or cannot be disclosed for legal reasons.
If you are not satisfied with how we have handled your personal information, you may contact our Privacy Officer (Section 17). You also have the right to make a complaint to the Office of the Privacy Commissioner of Canada (www.priv.gc.ca).
14. Breach Notification
We maintain procedures to respond to security incidents involving personal information. Where a breach of security safeguards creates a real risk of significant harm to an individual, we will report it to the Office of the Privacy Commissioner of Canada and notify affected individuals as required by law, and we will keep records of breaches in accordance with our legal obligations.
15. Minors
The Website and our services are intended for users who are at least the age of majority in their province or territory of residence. We do not knowingly collect personal information from minors without appropriate authority.
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. The updated version will be posted on the Website. Continued use of the Website after an update means that the updated Policy applies to subsequent interactions.
17. Contacting the Privacy Officer
Questions, access or correction requests, withdrawal of consent, or privacy complaints should be directed to: